Double standards are common in the cyber-security world

Double standards are widespread in the IT industry, the latest report by security firm Absolute Software suggests.

According to the report, which is based on research conducted among IT managers and decision makers in the UK, a high percentage of IT personnel don’t follow the same security protocols they are expected to enforce.

The results are quite interesting – 17 per cent of respondents admitted to hacking their own company. Moreover, 28 per cent knowingly circumvented their own security policies.

“Given that IT is the security gatekeeper for an organisation, it was alarming to see such high incidents of non-compliant behaviour by IT personnel,” said Stephen Midgley, vice president, Global Marketing, Absolute. “Even if these actions are being performed to validate existing infrastructure, senior leadership should be aware that this activity is occurring. It may also be worthwhile to consider third-party audits to ensure adherence with corporate security policies.”

Security will be at the top of the IT spending list in the future, the report says, adding that 73 per cent of those surveyed expect an increase in investment this year.

However, despite these investments, employees and insiders continue to be the biggest threat to a company’s security, and IT managers continue to carry the burden of responsibility for any breaches.

The report says 58 per cent of IT decision makers believe they’d be fired if a security breach happened.

“Despite marked improvements, businesses are still very susceptible to attack,” added Midgley. “The gaps in current data breach response plans and in upholding general best practice policies must be addressed.”